I have few questions related to data security in AEP.
1. Is there a mechanism in place to obfuscate the data within datasets associated with a particular profile immediately after the customer revokes their GDPR consent.
2. I would like to inquire about the scope of data deletion when using the privacy service API. Specifically, does the API remove the entire customer data from datasets, profile store, and identity service with a single call, or does it only target the data that has been explicitly labeled via data usage label. If yes, is their a certain label like l1,l2 , s1,s2 that should be used to delete the data.
Hi @arpan-garg ,
To your first point, there is no such way to obfuscate the data within the datasets as most of regulations are about Access/Delete.
Second, yes depending on the Experience Cloud applications that you are using, you must label the specific data fields that should be accessed or deleted in response to privacy requests. The process for labelling data varies between applications. To learn how to label data for each supported Adobe application, see the document on Experience Cloud applications.
Hello @AtulChavan ,
In the dataset, I have about 20 different attributes, and I specifically marked 2 of them as "L1." Afterwards, I used a privacy service API to make a call. However, I noticed that the entire entry from the Adobe Experience Platform (AEP) was deleted, not just those 2 labeled fields. I'm a bit confused because I thought that labeling the fields would only result in those 2 attributes being deleted. Could you please help me understand the advantage of labeling the fields if the entire entry gets deleted?